rm client.jks
rm client.cert
rm client.csr

if [ "$3" = "" ]
then
        echo "Usage ./createCert.sh hostname caPassword certPassword"
        exit
fi

hostname=$1
caPassword=$2
certPassword=$3

# create a new certificate
keytool -genkeypair -keystore client.jks -storepass $certPassword -alias cs6238 -keypass $certPassword -keysize 2048 -keyalg RSA -dname "cn=$hostname, ou=None, o=none, L=none, S=none, c=BG" -validity 3650 -v
keytool -certreq -keystore client.jks -storepass $certPassword -alias cs6238 -keypass $certPassword -file client.csr -v

# sign the CSR with openssl
openssl x509 -req -in client.csr -CA ca.pem -out client.cert -days 3650 -CAcreateserial -passin pass:$caPassword
keytool -importcert -trustcacerts -alias ca -file ca.cert -keystore client.jks -storepass $certPassword 
keytool -importcert -keystore client.jks -storepass $certPassword -alias cs6238 -keypass $certPassword -file client.cert -v

rm client.csr
rm client.cert
